Delivery-Date: Mon, 28 Sep 2015 12:24:07 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id B4A641E04AE;
	Mon, 28 Sep 2015 12:24:04 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 653E037CE4;
	Mon, 28 Sep 2015 16:23:59 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 55C5137CB4
 for <tor-talk@lists.torproject.org>; Mon, 28 Sep 2015 16:23:55 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id XneJsd7FKOQh for <tor-talk@lists.torproject.org>;
 Mon, 28 Sep 2015 16:23:55 +0000 (UTC)
Received: from foofus.com (foofus.com [72.52.75.6])
 by eugeni.torproject.org (Postfix) with ESMTP id 24D2E37C1D
 for <tor-talk@lists.torproject.org>; Mon, 28 Sep 2015 16:23:55 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by foofus.com (Postfix) with ESMTP id 7BC5F1843AAB
 for <tor-talk@lists.torproject.org>; Mon, 28 Sep 2015 09:23:52 -0700 (PDT)
X-Virus-Scanned: Debian amavisd-new at foofus.com
Received: from foofus.com ([127.0.0.1])
 by localhost (foofus.com [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id t4fq2LVynkFf for <tor-talk@lists.torproject.org>;
 Mon, 28 Sep 2015 09:23:51 -0700 (PDT)
Received: from foofus.com (localhost [127.0.0.1])
 by foofus.com (Postfix) with ESMTP
 for <tor-talk@lists.torproject.org>; Mon, 28 Sep 2015 09:23:51 -0700 (PDT)
MIME-Version: 1.0
Date: Mon, 28 Sep 2015 09:23:51 -0700
From: AMuse <tor-amuse@foofus.com>
To: tor-talk@lists.torproject.org
In-Reply-To: <5606F599.4030206@gmail.com>
References: <CAKcCSXq6=L85ndL_dtnVg=szY6mCyUFhfLrNOaB9nhKqqKnT_A@mail.gmail.com>
 <5606F599.4030206@gmail.com>
Message-ID: <02408aa9ea99f99146c2c6815aff9676@foofus.com>
X-Sender: tor-amuse@foofus.com
User-Agent: Roundcube Webmail/0.9.5
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Subject: Re: [tor-talk] Making TBB undetectable!
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

 

Having a unique, or unique enough browser fingerprint would allow
website owners and content network providers to track a TOR user across
nodes and/or sessions. With a large enough CDN (facebook, etc) you could
reasonably de-anonymize a user. 

On 2015-09-26 12:44, Jeremy Rand wrote: 

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> On 09/26/2015 06:38 PM, behnaz Shirazi wrote:
> Also, if you want true undetectability you need to install a Tor instance and your OS for TBB in seperate VMs and setup the Tor VM to be a transparent router for your OS, so even if java/flash/exploit is executed, it doesn't leak your real IP, since even your OS in the VM is forced through Tor. No I don't talk about anonymity, I'm asking to fix detectability. destination website shouldn't be able to detect user is using TBB, some people think only problematic guys use TBB and Detecting it cause a lots of problems in different scenarios (in my own case, for some reasons i'm worry about QUANTUM_INSERT like programs that can automatically attack me if they think i'm a suspicious user)

Maybe I'm not understanding you, but given that all TBB users are
already distinguishable from other users since their IP address is a
Tor exit, I'm not seeing how TorBrowser having a different fingerprint
from other browsers is a problem. The important thing is that
TorBrowser users have the same fingerprint as each other, which the
TorBrowser devs seem to be doing a good job on.

Cheers,
- -Jeremy Rand
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJWBvWBAAoJEAHN/EbZ1y06EoQP/2s4V0dsGFyism2rSSpsd6fo
gt0a40kLdIBb2wegtYbpWtjdL2N9hvc6HWgcobwrN0e8gxgMdTNrUtd5Ert71/0n
Lfwb9M1WN4s6QWFHxpdEpKxR+Ek81JCBLAVq2ukgcXwFo93oHibZQP6Z6aQOanOf
1CC9qsnpYBGHmlOH1jEBqsB6q9fyMNAHkhPH5fFtJMoutdmcfwTekL1P6Tilt+i7
68OT1gyaEtOJDHaIJWdTx3GTS0t3IdPKngpJfGmNte+NBJlaEyAg1E1pRb5jFqJ2
DIJYb+0h+LYVLgaWfMJ6EdUp1nivhXzBZjb7TpKWJNIBcVLibbJQ8TIgiWXixnQS
xyYZYM+WM26PNyXt/Q1POZri9AnS6hCenvHJob6QpZ4qI0dr4btxuf8k+O+0E3zI
0SPmgH41TS4aP/haxolYZRQgDg8PrdC87U6hSlSK5iYSNlWYYL88TsAFSFQ9ytVq
y5tBQNW+uVSJSO+XySQ8G7rAfWhdDWCJKBFrx/EdXI1J4AAZrouV5NOcqWUrqR/k
RBWW0/7u1uzXDBF+4eqy2nq3/RG1BBWklmnSWant39OeNYnHIL2fyAHzVNpG7KAK
/oHn6h7LerdplTZGe1PPkVpfrl3Tx18IXjMuOCmJcdqNL0ee41dkOwJWNcBoo3Pw
u5bcYaeK6uYJJMJWMLOR
=HCiV
-----END PGP SIGNATURE-----

 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

